The image collection is part of the NSA’s top-secret facial recognition program, which the agency considers vital in its efforts to identify and track terrorism suspects, the documents reveal. As one document from 2010 explains: “It’s not just the traditional communications we’re after: It’s taking a full-arsenal approach that digitally exploits the clues a target leaves behind in their regular activities on the net to compile biographic and biometric information” in an effort “implement precision targeting.”

Of the millions of images collected daily, roughly 55,000 are of “facial recognition quality,” according to NSA documents. However, the program is sophisticated enough to track individuals across the Internet and communication platform even if a suspect changes his appearance. For example, the Times reports, it can recognize a man photographed with and without a beard, or with a bald head and a full mane of hair.

The NSA also reportedly collects images by intercepting video teleconferences for the purposes of facial recognition. According to the Times, these efforts go far beyond efforts revealed in February by the Guardian, which reported that the NSA and its U.K. counterpart, Government Communications Headquarters (GCHQ), accessed the webcams of people who used Yahoo’s video chat service.

In addition to the NSA’s own technology, the agency also reportedly uses commercial tools, like those developed by PittPatt, an image and video analysis company created at Carnegie Mellon University and acquired by Google in July 2011.

U.S. privacy laws do not currently provide clear protection for the use of citizens’ images—a gap that some Members of Congress have recognized for years.

Unlike telephone metadata, which the NSA collects on Americans in bulk, images are considered “content” under the law, like the text of emails or phone call recordings, all of which may not be obtained by the agency without a warrant. That does not mean, however, that Americans’ photos are not swept up by the NSA. A so-called “loophole” in Section 702 of the FISA Amendments Act allows the NSA to “query” the information of U.S. citizens who are in contact with targets overseas.

In a statement to the Times, an NSA spokeswoman Vanee Vines defended the agency’s facial recognition program as vital to national security.

“We would not be doing our job if we didn’t seek ways to continuously improve the precision of signals intelligence activities—aiming to counteract the efforts of valid foreign intelligence targets to disguise themselves or conceal plans to harm the United States and its allies,” Vines said.

NSA documents reportedly reveal that the agency ramped up its facial recognition efforts following two attempted terrorist attacks on the U.S.: The December 2009 attempt by Nigerian student Umar Farouk Abdulmutallab, later dubbed the “underwear bomber,” who failed to blow up a plane headed to Detroit with a bomb hidden in his underwear; and the May 2010 attempt by Pakistani-American Faisal Shahzad to explode a car bomb in Times Square.

In 2010, the NSA successfully matched images in two separate databases—a major “breakthrough,” according to the Times, that has evolved into image matching between the national identification databases of foreign governments, border crossings, and other sources.

The NSA is not the only organization using facial recognition technology. Other U.S. agencies, including the FBI and the State Department, using facial recognition technology, as do unnumbered private companies.

In March, Facebookreleased a paper detailing its DeepFace facial recognition technology, which the company says has a 97.25 accuracy—just shy of the human brain.